<?php 
	
	@include_once('php/sql.php');
	@include_once('php/util.php');
	@include_once('sql.php');
	@include_once('util.php');
		
	class BB {
		
		function GetTags() {
			$q = mysql_query("
				SELECT *
				FROM tag T
				ORDER BY T.Title ASC
			"); 
			if (!$q) return mysql_error();
			
      $str = "<ul class=\"list\">";
      while ($r = mysql_fetch_assoc($q)) {
        $str .= "<li class=\"list-item ".($_GET["t"]==$r["ID"]?"sel":"")."\"><a href=\"?t=".$r["ID"]."\">".$r["Title"]."</a></li>";
      }
      $str .= "</ul>";
      return $str;
		}
		
		function GetHeaders($tag) {
			$q = mysql_query("
				SELECT M.ID, M.Title, M.Timestamp, M.Author, M.Image, M.Content
				FROM message M
				INNER JOIN messagetags MT ON MT.MessageID = M.ID AND MT.TagID IN ($tag)
				WHERE M.Parent IS NULL
				ORDER BY Timestamp DESC
				LIMIT 0, 10
			");

			$str = $this->ReplyTo(false);
      while ($r = mysql_fetch_assoc($q)) {
        $str .= '
		      <div id="message_'.$r["ID"].'" class="frame">
		        <div class="head">
		          <h1><a href="?m='.$r["ID"].'">'.$r["Title"].'</a></h1>
		        </div>
						<div class="body">
		          <div class="image">
		          	'.($r["Image"]?'<img src="'.$r["Image"].'" />':'').'            
		          </div>
		          <div class="text">
		          	'.substr($r["Content"], 0, 500).'...            
		          </div>
		        </div>
		        <div class="foot">
		          <div class="info">by <b>'.($r["Author"]?$r["Author"]:"Anonymous").'</b> on '.date(F." ".jS." ".H.":".i.":".s, $r["Timestamp"]).'</div>
		          <a href="?m='.$r["ID"].'">Read more</a> (245)
		          <!-- <a href="#" onclick="XC.ReplyTo('.$r["ID"].');">Comment</a> (12) -->
		        </div>
		      </div>
		      <div id="message_'.$r["ID"].'_reply"></div>
				';
      }
      return $str;
		}

		function GetThread($thread) {
			# SPOROČILO
			$q = mysql_query("
				SELECT M.ID, M.Title, M.Timestamp, M.Author, M.Image, M.Content
				FROM message M
				WHERE M.ID = '".$thread."'
			");
			
      while ($r = mysql_fetch_assoc($q)) {
        $str .= '
		      <div id="message_'.$r["ID"].'" class="frame">
		        <div class="head">
		          <h1>'.$r["Title"].'</h1>
		          <div class="info">is a post nr. '.$r["ID"].' by <b>'.$r["Author"].'</b> on '.date(F." ".jS." ".H.":".i.":".s, $r["Timestamp"]).'</div>
		        </div>
		        <div class="body">
		          <div class="image">
		            <img src="http://image.24ur.com/media/images///360x240/Sep2010//60526571.jpg" />
		          </div>
		          <div class="text">
		            '.nl2br($r["Content"]).'
		          </div>
		        </div>
		        <div class="foot">
		          <a href="#" onclick="XC.ThumbsUp('.$r["ID"].');">Thumbz Up</a> (245)
		          <a href="#" onclick="XC.ThumbsDown('.$r["ID"].');">Thumbz Down</a> (44)
		          <a href="#" onclick="XC.ReplyTo('.$r["ID"].');">Comment</a> (12)
		          <a href="#" onclick="XC.Share('.$r["ID"].');">Share</a>
		          <a href="#" onclick="XC.Delete('.$r["ID"].');">Delete</a>
		        </div>
		      </div>
		      <div id="message_'.$r["ID"].'_reply"></div>
				';

/*
      <div id="message" class="frame">
        <div class="head">
          <h1>Lorem ipsum dolor sit amet consectetuer Sed Nam malesuada pulvinar In</h1>
          <div class="info">is a post nr. 274560231 by <b>Anonymous</b> on September 24th at 15:06:23</div>
        </div>
        <div class="body">
          <div class="image">
            <img src="http://image.24ur.com/media/images///360x240/Sep2010//60526571.jpg" />
          </div>
          <div class="text">
            Lorem ipsum dolor sit amet consectetuer Sed Nam malesuada pulvinar In. Ut et Morbi tellus interdum Lorem suscipit Vestibulum vel interdum Cras. Feugiat risus felis nunc justo pretium condimentum tincidunt elit Curabitur sed. Velit natoque velit cursus id Ut in fringilla malesuada nibh semper. Facilisis gravida nec et Sed fringilla Lorem sapien nulla et leo. Egestas amet.<br /><br />
            Condimentum Proin tincidunt et pretium semper tincidunt Nunc Quisque aliquam Nunc. Dui dignissim nascetur felis elit tincidunt sed id Mauris ac adipiscing. Vestibulum orci cursus urna orci condimentum vel diam et orci Maecenas. Malesuada neque augue at dapibus lacus pede iaculis nisl a lorem. Vitae penatibus metus nibh mus eros odio tincidunt dictum pretium.
          </div>
        </div>
        <div class="foot">
          <a href="#">Thumbz Up</a> (245)
          <a href="#">Thumbz Down</a> (44)
          <a href="#">Reply</a> (12)
          <a href="#">Share</a>
          <a href="#">Delete</a>
        </div>
      </div>
*/
      }
      return $str;
		}
		
		function ReplyTo($id) {
			if ($id) $m = mysql_fetch_assoc(mysql_query("SELECT * FROM Message WHERE ID = '$id'"));
			//if ($id) 
			$re = 'style="display: none;"';
			$x = '
          <div class="body" '.$re.'>
            <div class="image">
              <input type="file" name="file" id="file" style="display: none;" />
              Image URL:<br />
              <input type="text name="file" placeholder="http://" /><br /><br />
              or <a class="btn" href="#">browse</a> for a file
            </div>
            <div class="text">
              <textarea name="text"></textarea>
            </div>
          </div>
			';
			$str = '
	      <form class="'.($id?'reply':'reply new').'">
	      	<input type="hidden" name="replyto" value="'.$m["ID"].'" />
	        <div class="frame">
	          <div class="head">
	            <div class="title">
	              <input type="text" name="title" placeholder="'.($id ? $m["Title"] : '...').'" />
	            </div>
	            <div class="info">will be a post by <input type="text" name="author" value="'.($_SESSION["Author"]?$_SESSION["Author"]:'Anonymous').'" /> on '.date('F jS').'
							<a class="btn" href="#">submit</a></div>
	          </div>
            '.$x.'
	          <div style="clear:both;"></div>
	          <div class="hlp1" style="display:none;"></div>
	        </div>
	      </form>
			';
			return $str;
		}
		
		function GetLogin() {
			$str = "";
			if (!isset($_SESSION["uid"])) {
				$str .= "<div class=\"login\">Username: <input type=\"text\" class=\"uname\" /><br />Password: <input type=\"password\" class=\"pass\" /><br /><input type=\"button\" value=\"Login\" /> or <a href=\"#\" id=\"register\">register</a><br /><a href=\"#\">Forgot password?</a></div>";
			}
			else {
				$str .= "<div class=\"login\">Logged in as ".$_SESSION["uname"]."<br /><input type=\"button\" value=\"Logout\" /></div>";
			}
			return $str;
		}
		
		function Login($u, $p) {
			$q = mysql_query("SELECT * FROM user WHERE `Username` = '$u'");
			$uInfo = mysql_fetch_assoc($q);
			if (md5(md5($p . "_s0m3_r4nd0m_54l7")) == $uInfo["Password"]) {
				$_SESSION["uid"] = $uInfo["ID"];
				return $this->GetLogin();
			}
		}
		function Logout() {
			unset($_SESSION);
			return $this->GetLogin();
		}
		
		function Register($get = false) {
			if ($get) {
				$q = "INSERT INTO users (`Username`, `Password`, `DefaultAuthor`, `Email`, `LastLogin`) VALUES ('".$get["Username"]."', '".$get["Password"]."', '".$get["Author"]."', '".$get["Email"]."', 'CURRENT_TIMESTAMP');";
				if (mysql_query($q)) {
					return "OK";
				}
				else
				{
					return mysql_error();
				}
			}
			else {
				$str = '
					<form class="register" title="Create new profile">
						<table>
						<tr><td>Username:</td><td><input type="text" name="Username" /></td></tr> 
						<tr><td>Password:</td><td><input type="password" name="Password" /></td></tr> 
						<tr><td>Verify</td><td><input type="password" name="Password1" /></td></tr> 
						<tr><td>Default signature (Author)</td><td><input type="text" name="Author" /></td></tr> 
						<tr><td>E-mail</td><td><input type="email" name="Email" /></td></tr>
						<tr><td>&nbsp;</td><td><input id="regbtn" type="button" value="Register" /></td></tr>
						</table> 
					</form>
				';
			}			
			return $str;
		}
	}
	
	$bb = new BB();
	
	if ($_POST["replyto"]) {
		echo $bb->ReplyTo($_POST["replyto"]);
	}
	if ($_POST["register"]) {
		echo $bb->Register();
	}
	if ($_GET["register"]) {
		echo $bb->Register($_GET);
	}
	if ($_POST["uname"] and $_POST["pass"]) {
		echo $bb->Login($_POST["uname"], $_POST["pass"]);
	}
?>
